- <?php
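/**
 * Open the default MySQL link that every other function in this file uses
 * implicitly, and select the application database.
 *
 * SECURITY (review):
 *  - The database user name and password are hard-coded in this function.
 *    Anyone who can read the source (repository, backup, public paste) gets
 *    database access. Rotate the credential and load it from configuration
 *    kept outside the web root and outside version control.
 *  - The legacy mysql_* extension is deprecated since PHP 5.5 and removed in
 *    PHP 7.0, so this file only runs on unsupported PHP versions. Migrate to
 *    PDO or mysqli with prepared statements.
 *  - Driver errors are written to the server log instead of being sent to
 *    the client, because they can reveal host names, user names and schema
 *    details.
 *
 * @return void
 */
function connect()
{
    $con = mysql_connect('localhost', 'rhizon', 'Aspire1992');
    if ($con === false) {
        error_log('connect(): mysql_connect failed: ' . mysql_error());
        exit('Database connection failed.');
    }

    if (!mysql_select_db('rhizon', $con)) {
        error_log('connect(): mysql_select_db failed: ' . mysql_error($con));
        exit('Database connection failed.');
    }
}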
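/**
 * Check a login name / password pair against the accounts table.
 *
 * SECURITY (review):
 *  - Passwords are stored and compared as unsalted MD5 digests. MD5 is not a
 *    password hash: it is fast and unsalted, so leaked rows can be reversed
 *    cheaply. Moving to password_hash()/password_verify() needs a migration
 *    of the stored values and is therefore not done inside this function.
 *  - The statement is still built by string concatenation. $name is escaped
 *    for a quoted string literal and md5() only yields hex digits, but a
 *    prepared statement (PDO/mysqli) is the robust form.
 *  - Nothing here limits repeated attempts; rate limiting has to be added
 *    by the caller.
 *
 * @param string $name login name as submitted by the client
 * @param string $pass clear-text password as submitted by the client
 * @return string|false the id column of the matching row, or false when the
 *                      pair does not match exactly one account
 */
function check_user($name, $pass)
{
    // Undo magic-quotes slashes so the value is escaped exactly once below.
    if (get_magic_quotes_gpc()) {
        $name = stripslashes($name);
        $pass = stripslashes($pass);
    }

    // Escapes \x00, \n, \r, \, ', " and \x1a for use inside a quoted literal.
    $name = mysql_real_escape_string($name);

    // No extra escaping of % and _ here: the comparison uses "=", not LIKE.
    // Outside pattern matching MySQL keeps the backslash of \% and \_, so the
    // previous replacement made every login name containing % or _ fail.
    $sql = 'SELECT id FROM accounts WHERE loginname = \'' . $name . '\' AND pass=\'' . md5($pass) . '\'';

    $result = mysql_query($sql);
    if (!$result) {
        // Log the driver error; do not echo schema details to the client.
        error_log('check_user(): query failed: ' . mysql_error());
        exit('Database error.');
    }

    if (mysql_num_rows($result) == 1) {
        $user = mysql_fetch_assoc($result);
        return $user['id'];
    }

    return false;
}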
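/**
 * Bind the current PHP session id to an account row, marking it logged in.
 *
 * SECURITY (review):
 *  - The session id can be supplied by the client (session cookie), so it is
 *    escaped before it is placed in the statement.
 *  - An empty session id (no session started) is refused: storing '' would
 *    let any request without a session match this account.
 *  - This function does not issue a fresh session id. Unless the caller runs
 *    session_regenerate_id(true) right before calling it, a pre-login id
 *    stays valid after authentication (session fixation) - callers are not
 *    visible here, confirm.
 *
 * @param int $userid id of the account that authenticated
 * @return void
 */
function login($userid)
{
    $sid = session_id();
    if (!is_string($sid) || $sid === '') {
        error_log('login(): no active session, account not bound');
        return;
    }

    $sql = 'UPDATE accounts SET session = \'' . mysql_real_escape_string($sid) . '\' WHERE id = ' . ((int) $userid);
    if (!mysql_query($sql)) {
        // Log the driver error; do not echo schema details to the client.
        error_log('login(): query failed: ' . mysql_error());
        exit('Database error.');
    }
}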
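/**
 * Tell whether the current PHP session id is bound to exactly one account.
 *
 * SECURITY (review):
 *  - Returns false without querying when no session is active; an empty id
 *    must never be compared against the session column.
 *  - The session id can be supplied by the client (session cookie), so it is
 *    escaped before it is placed in the statement.
 *
 * @return boolean true when exactly one account row carries this session id
 */
function logged_in()
{
    $sid = session_id();
    if (!is_string($sid) || $sid === '') {
        return false;
    }

    $sql = 'SELECT id FROM accounts WHERE session = \'' . mysql_real_escape_string($sid) . '\'';
    $result = mysql_query($sql);
    if (!$result) {
        // Log the driver error; do not echo schema details to the client.
        error_log('logged_in(): query failed: ' . mysql_error());
        exit('Database error.');
    }

    return mysql_num_rows($result) == 1;
}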
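/**
 * Detach the current PHP session id from whichever account carries it.
 *
 * Fixes an inverted check: the script used to exit when the UPDATE succeeded
 * and carried on silently when it failed, so a failed logout went unnoticed.
 *
 * SECURITY (review):
 *  - The session id can be supplied by the client (session cookie), so it is
 *    escaped before it is placed in the statement.
 *  - Only the database binding is cleared; the PHP session itself is not
 *    destroyed here. Whether the caller does that is not visible - confirm.
 *
 * @return void
 */
function logout()
{
    $sid = (string) session_id();
    $sql = 'UPDATE accounts SET session = NULL WHERE session = \'' . mysql_real_escape_string($sid) . '\'';
    if (!mysql_query($sql)) {
        // Log the driver error; do not echo schema details to the client.
        error_log('logout(): query failed: ' . mysql_error());
        exit('Database error.');
    }
}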
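/**
 * Look up the login name of the account bound to the current session id.
 *
 * Fixes a defect: the SQL text was passed straight to mysql_fetch_array(),
 * which expects a result resource, so the query was never executed.
 *
 * SECURITY (review):
 *  - Returns null without querying when no session is active.
 *  - The session id can be supplied by the client (session cookie), so it is
 *    escaped before it is placed in the statement.
 *  - The returned name is raw database content; escape it for the output
 *    context (e.g. htmlspecialchars() for HTML) before printing it.
 *
 * @return string|null login name, or null when no account matches
 */
function username()
{
    $sid = session_id();
    if (!is_string($sid) || $sid === '') {
        return null;
    }

    $sql = 'SELECT loginname FROM accounts WHERE session = \'' . mysql_real_escape_string($sid) . '\'';
    $result = mysql_query($sql);
    if (!$result) {
        // Log the driver error; do not echo schema details to the client.
        error_log('username(): query failed: ' . mysql_error());
        exit('Database error.');
    }

    $row = mysql_fetch_array($result);
    if (!$row) {
        return null;
    }

    return $row['loginname'];
}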
- connect(); // Runs at include time: loading this file opens the database link before any of the functions above is called.
- ?>